RAPS.org needs your explicit consent to store browser cookies. If you don't allow cookies, you may not be able to use certain features of the web site such as personalized content. Please see our Privacy Policy for more information.

The site navigation utilizes arrow, enter, escape, and space bar key commands. Left and right arrows move
across top level links and expand / close menus in sub levels. Up and Down arrows will open main level
menus and toggle through sub tier links. Enter and space open menus and escape closes them as well. Tab
will move on to the next part of the site rather than go through menu items.

About the Regulatory Profession

The regulatory function is vital in making safe and effective healthcare products available worldwide. Individuals who ensure regulatory compliance and prepare submissions, as well as those whose main job function is clinical affairs or quality assurance are all considered regulatory professionals.

Regulatory Code of Ethics

One of our most valuable contributions to the profession is the Regulatory Code of Ethics. The Code of Ethics provides regulatory professionals with core values that hold them to the highest standards of professional conduct.

Regulatory Competency Framework

Like all professions, regulatory is based on a shared set of competencies. The Regulatory Competency Framework describes the essential elements of what is required of regulatory professionals at four major career and professional levels.

Regulatory Convergence

Join the brightest minds in regulatory at the annual Regulatory Convergence. See the global regulatory community in action. Intensive workshops. Topical sessions. Meet ups with regulators. This is where it all comes together.

Senate Bill Would Exempt Most Software from FDA Regulation

New legislation introduced this week in the US Senate would seek to place limits on the ability of the US Food and Drug Administration (FDA) to regulate clinical and health software, including mobile phone applications.

The legislation, the Preventing Regulatory Overreach to Enhance Care Technology (PROTECT) Act of 2014, is meant to close off a gap between what FDA actively regulates and what it could regulate.

To understand how FDA regulates medical devices, and in particular software, it's useful to take a metaphorical step back into the regulations and recent regulatory history.

Background

"Any instrument, apparatus, implement, machine, contrivance, implant,&nbsp;in vitro&nbsp;reagent, or other similar or related article, including a component part, or accessory which is either intended for use in the diagnosis of disease or other conditions, or in the cure, mitigation, treatment or prevention of disease or intended to affects the structure of any function of the body of man or other animals, and which does not achieve its primary intended purposes through chemical action within or on the body."

Under FDA's reading of this provision, since mobile apps and software are intended to be used in the diagnosis of disease or other conditions, or in the cure, mitigation, treatment or prevention of disease, they should thus be regulated as medical devices.

But not all regulation is created or enforced equally. FDA has long held that it only intends to regulate the applications themselves, and not the devices on which they run or the third-party stores from which they are sold, such as Apple's iTunes store.

FDA has also long held that it intends to regulate only those applications which make specific disease or curative claims, and will leave all other basic health applications to the regulatory purview of the Federal Trade Commission (FTC), which issued guidance on the subject in&nbsp;September 2012.

Recent Developments

These assurances, as explicitly laid out in its September 2013 final guidance document, Mobile Medical Applications, make clear that there are a class of devices FDA does intend to regulate (Page 26), and a class of all other (i.e. lower-risk) devices it intends to exercise it "enforcement discretion" over (Page 23). In other words, it could regulate those devices, but unless they pose a risk to patients, FDA generally won't regulate them.

Under the act, FDA would be banned from using its "enforcement discretion" on clinical or general health software, and would instead be granted authority only over an explicit set of software. The law would, in effect, take FDA's current final guidance and turn it into binding statute, thereby removing FDA's ability to alter it at a later point in time.

The Protect Act

Now a new piece of legislation is largely seeking to do the same thing. The PROTECT Act, sponsored by Sen. Deb Fischer (R-NE) and Angus King (I-ME)-two legislators not traditionally involved in FDA regulatory issues-seeks a "new risk-based framework for the oversight of clinical and health software that improves on the framework of the FDA."

Section 3 of the legislation would enact two new definitions, one for "clinical software" and the other for "health software." They are as follows:

Clinical software: "Clinical decision support software or other software (including any associated hardware and process dependencies) intended for human or animal use that

(A) captures, analyzes, changes, or presents patient or population clinical data or information and may recommend courses of clinical action, but does not directly change the structure or any function of the body of man or other animals; and

(B) is intended to be marketed for use only by a health care provider in a health care setting."

Health Software: "Software (including any associated hardware and process dependencies) that is not clinical software and

(A) that captures, analyzes, changes, or presents patient or population clinical data or information;

(B) that supports administrative or operational aspects of health care and is not used in the direct delivery of patient care; or

(C) whose primary purpose is to act as a platform for a secondary software, to run or act as a mechanism for connectivity, or to store data.

Both categories of software would be exempt from regulation under the FD&amp;C Act. "The term 'device' does not include clinical software or health software," the legislation states.

While the definitions are extensive, they largely capture the exemptions listed by FDA in its 2013 Mobile Medical Applications guidance.

Subject to Regulation

Some software, however, would be subject to regulation.

FDA would be permitted to regulate any software:

(A) that is intended to interpret patient-specific device data and directly diagnose a patient or user without the intervention of a health care provider;

(B) that conducts analysis of radiological or&nbsp; imaging data in order to provide patient-specific diagnostic and treatment advice to a health care provider;

(C) whose primary purpose is integral to the function of a drug or device; or

(D) that is a component of a device.

The law, introduced in the Senate, is seen as a companion piece of legislation to the SOFTWARE Act, which has yet to pass a vote the House Energy and Commerce Committee's Subcommittee on Health.